« When one of the web guardians falters, our entire digital life comes to a halt.»
The global Cloudflare outage inspired this remark from mc2i.
The consulting firm isn’t alone in worrying about Internet dependence on infrastructures run by a handful of players. It’s even more concerned after major incidents that recently affected AWS and Azure.
At the former, many services were disrupted due to a DNS-resolution issue tied to a database.
At the latter, the problem originated from an invalid state introduced by a configuration change on the CDN Azure Front Door.
A bug in the bot-control system
Cloudflare had first referred to a “peak of unusual traffic” toward one of its services—and explained that the rest of the traffic had suffered as a consequence.
Its CTO then went further. According to him, a configuration change triggered a latent bug in a service involved in bot control. Cascading effects followed. “This wasn’t an attack,” he added.
It was 12:20 PM in France on November 18 when the incident began. Cloudflare reported it on its status page half an hour later.
By 2:00 PM, we were told the problem had been identified. The deployment of a fix restoring access to the Cloudflare dashboard was formalized around 3:30 PM. A key step giving customers the ability to implement workarounds.
A few minutes later, the company said it estimated the incident was resolved. It was at that moment that its CTO spoke.
Cloudflare subsequently acknowledged that some customers might still experience login or dashboard usage issues. It also said that the bot scores would be intermittently affected during the recovery period.
By 5:30 PM, the situation was still improving but not fully back to normal. At 6:15 PM, latency and error rates returned to “normal levels.”
ChatGPT, Claude, Gemini, Le Chat, Perplexity… Silence among the chatbots
Affected Canva was among the clients that explicitly blamed Cloudflare. Affected on ChatGPT as well as on Sora and on its API, OpenAI simply spoke of a “third-party provider.” The same for Discord, which, however, noted that this provider was facing a “major issue”…
Also affected, Coinbase considered the incident (“latency or degraded connection performance for some users”) resolved at 4:38 PM. At Twilio — about half an hour earlier (login problems for Twilio and SendGrid users) — around the same time as Sage (problems accessing certain products).
ChatGPT was not the only chatbot disrupted. Gemini (Google), Claude (Anthropic), Le Chat (Mistral AI) and Perplexity AI, among others, were also affected.
Another notable Cloudflare outage in June 2025
Cloudflare experienced another notable outage on June 12, 2025. At the root, an outage in an external dependency. It disrupted a service that a lot of other services rely on: Workers KV.
More than 90% of requests to this key-value store produced 500 or 503 responses. Among downstream services affected:
- Access (authentication/authorization), which could not fetch configuration and identity information
- Gateway (web gateway), which could not process certain requests
- WARP (VPN), depending on Access
- Browser Isolation (secure browser), depending on Gateway for some sessions
- Turnstile (Captcha alternative)
- Images, which could no longer handle batch uploads
It took roughly three hours to resolve the issue. Claude and Gemini were affected. Gmail as well as Snapchat, Spotify, Twitch, and others.
* It wasn’t the peak that was described as unusual, but the traffic (“peak of unusual traffic”). A formulation that could have suggested an attack.
